Installation and management of the mod_security with CWP are very simple, you can install it with a single click.
To install mod_security you only need to click on the “install mod security” button in your cwp.admin –> Security –> Mod Security
With the installation of mod_security, you are also getting OWASP set of rules.
OWASP rules are very strict and you probably need to add few rules on the white-list.
By enabling mod_security with OWASP rules, you should also test your websites fully and if you get forbidden 403 or similar error messages then you would need to check which OWASP rule is blocking you.
You can check the rule ID blocking you by simply searching your IP address in the mod_security module of the CWP.
To disable a rule blocking you, you need to add its ID listed under quotes into disabled rules file and once you add all rules the apache reload is necessary to accept these new changes.
How to whitelist Mod Security rules if you get http error 403 Forbidden
What is the difference between the CSF Firewall and ModSecurity
Basically, in the firewall, you have open port 80 and 443 meaning that the firewall can’t protect you from malware, xss and sql-injection attacks.
ModSecurity will help to improve the security of your server and scripts you are using on it.
How to quickly find from ssh which rule id you need to whitelist
grep 126.96.36.199 /usr/local/apache/domlogs/*error.log|grep ModSecurity
* replace numbers with your computer IP